Developer Pages

# About Swedish BankID

Swedish BankID is a method of secure digital electronic identification and signing. Individuals who have a Swedish national identification number (personnummer) can obtain BankID through their bank.

# Use case examples

If you are not so familiar with how BankID is used, here are some typical use cases:

  • Digital onboarding: To become a customer of a bank, you have to register as a user for the first time. To prove your identity, you can choose to use BankID, among others, as an ID method.

  • Authentication: As a registered customer with a bank, you will be able to apply for a loan. To be able to log in to your bank, you have to authenticate to prove your identity. BankID can be used for authentication, the same way it can be used for registering as a new customer. :::

Technically, you use the same service in both use cases and the user interface is the same for both digital onboarding and authentication (see flow examples below). However, you should consider how you set the ID method up in the total user flow, since onboarding a new customer is a one-time occurrence, while authentication is a repetitive action for the customer. You may set up a simpler user flow for recurring authentications. Of course, this depends on the required level of assurance for the services you offer.

Note

If BankID is used for digital onboarding, it is not allowed to issue alternative credentials (also known as ID switch). So if BankID is used for the initial user onboarding then BankID should also be used for all subsequent authentications.

For technical integration details, see Get started with authentication.

# Authentication flow

Signicat provides two main flow options for BankID, remote with another device or locally on the same device. Both options assume the user has already installed the BankID app on the device where the authentication is performed.

For details about how to configure the different flows, see Configure the BankID flow.

# "Remote" confirmation with QR code scan

The QR option is normally used when the user starts on a website for desktop. In this case, the user is asked to open the BankID app to scan the displayed QR code with their mobile device:

Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide

The link below the QR code allows the user to switch over to authenticate themselves via the same device (see the next section).

NIN flow

Instead of using QR code, you may set up that the user can identify themselves using their national identity number (NIN). Be aware that this option will be phased out by BankID in 2024. The recommended option is to use the QR code scan. If you still want to use NIN, see more details in Select and configure ID method.

# "Local" confirmation on the same device

In this option, the user is asked to start the BankID app and authenticate on the same/current device. It can be used on both mobile or desktop, but it is normally used in a mobile flow (since very few users have installed the BankID app on their desktop).

Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide

# Headless authentication

If you want to send headless authentication requests (typically from a backend or app to backend system) via Signicat, we recommend using our Authentication REST API as a mediator. For more details, see Headless authentication.

# Result with user information

The user information available after a successful authentication may differ slightly between different issuers. Important parameters are:

  • Subject (unique ID)
  • National identity number
  • Name
  • Birth date
  • Issuer

For more details, see Response examples.

Last updated: 10/10/2023 10:56 UTC

Sign agreement and order certificate